Re: Restricting rdtsc [was: kernel aslr]

To: Maxime Villard <max%m00nbsd.net@localhost>
Subject: Re: Restricting rdtsc [was: kernel aslr]
From: Taylor R Campbell <campbell+netbsd-tech-kern%mumble.net@localhost>
Date: Tue, 28 Mar 2017 18:37:54 +0000

> Date: Tue, 28 Mar 2017 16:58:58 +0200
> From: Maxime Villard <max%m00nbsd.net@localhost>
> 
> Having read several papers on the exploitation of cache latency to defeat
> aslr (kernel or not), it appears that disabling the rdtsc instruction is a
> good mitigation on x86. However, some applications can legitimately use it,
> so I would rather suggest restricting it to root instead.

Put barriers in the way of legitimate applications to thwart
hypothetical attackers who will... step around them and use another
time source, of which there are many options in the system?  This
sounds more like cutting off the nose to spite the face than a good
mitigation against real attacks.

Follow-Ups:
- Re: Restricting rdtsc [was: kernel aslr]
  - From: Alexander Nasonov
- Re: Restricting rdtsc [was: kernel aslr]
  - From: Paul.Koning

References:
- Restricting rdtsc [was: kernel aslr]
  - From: Maxime Villard

Prev by Date: Re: Restricting rdtsc [was: kernel aslr]
Next by Date: Re: Prospective project for Summer of Code.
Previous by Thread: Re: Restricting rdtsc [was: kernel aslr]
Next by Thread: Re: Restricting rdtsc [was: kernel aslr]
Indexes:

Home | Main Index | Thread Index | Old Index